diff --git a/instance-applications/113-ibm-kmodels/Chart.yaml b/instance-applications/113-ibm-kmodels/Chart.yaml new file mode 100644 index 00000000..21648d97 --- /dev/null +++ b/instance-applications/113-ibm-kmodels/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: ibm-kmodels +description: IBM KMODELS +type: application +version: 1.0.0 + +dependencies: +- name: junitreporter + version: 1.0.0 + repository: "file://../../sub-charts/junitreporter/" + condition: junitreporter.devops_mongo_uri != "" \ No newline at end of file diff --git a/instance-applications/113-ibm-kmodels/README.md b/instance-applications/113-ibm-kmodels/README.md new file mode 100644 index 00000000..cd4553e8 --- /dev/null +++ b/instance-applications/113-ibm-kmodels/README.md @@ -0,0 +1,3 @@ +IBM Kmodels +=============================================================================== +Deploy and configure kmodels storage with configurable version \ No newline at end of file diff --git a/instance-applications/113-ibm-kmodels/templates/01-kmodel-namespace.yaml b/instance-applications/113-ibm-kmodels/templates/01-kmodel-namespace.yaml new file mode 100644 index 00000000..1d9553fb --- /dev/null +++ b/instance-applications/113-ibm-kmodels/templates/01-kmodel-namespace.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "137" \ No newline at end of file diff --git a/instance-applications/113-ibm-kmodels/templates/02-kmodel-secret.yaml b/instance-applications/113-ibm-kmodels/templates/02-kmodel-secret.yaml new file mode 100644 index 00000000..c549d4ff --- /dev/null +++ b/instance-applications/113-ibm-kmodels/templates/02-kmodel-secret.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: km-s3-secret + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "138" + {{- if eq .Values.mas_aibroker_storage_provider "aws" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}" + {{- else if eq .Values.mas_aibroker_storage_provider "minio" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}:{{ .Values.mas_aibroker_storage_port }}" + {{- end }} + {{- if eq .Values.mas_aibroker_storage_ssl "false" }} + serving.kserve.io/s3-usehttps: "0" + {{- else }} + serving.kserve.io/s3-usehttps: "1" + {{- end }} + {{- if and (eq .Values.mas_aibroker_storage_provider "minio") (not .Values.mas_aibroker_storage_region | empty) }} + serving.kserve.io/s3-region: "{{ .Values.mas_aibroker_storage_region }}" + {{- end }} +stringData: + AWS_ACCESS_KEY_ID: "{{ .Values.mas_aibroker_storage_accesskey}}" + AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" + S3_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_accesskey}}" + S3_SECRET_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" + S3_HOST: "{{ .Values.mas_aibroker_storage_host}}" + S3_PORT: "{{ .Values.mas_aibroker_storage_port}}" + S3_REGION: "{{ .Values.mas_aibroker_storage_region}}" + S3_SSL: "{{ .Values.mas_aibroker_storage_ssl}}" diff --git a/instance-applications/113-ibm-kmodels/templates/03-kmodel-istio.yaml b/instance-applications/113-ibm-kmodels/templates/03-kmodel-istio.yaml new file mode 100644 index 00000000..e9272d02 --- /dev/null +++ b/instance-applications/113-ibm-kmodels/templates/03-kmodel-istio.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: security.istio.io/v1beta1 +kind: PeerAuthentication +metadata: + name: default + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "139" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + +spec: + mtls: + mode: PERMISSIVE +--- +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: ds-pipeline-instance + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "140" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + host: ds-pipeline-instance.opendatahub.svc.cluster.local + trafficPolicy: + portLevelSettings: + - port: + number: 8888 + tls: + mode: DISABLE +--- +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: minio-instance + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "141" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + host: minio-instance.opendatahub.svc.cluster.local + trafficPolicy: + portLevelSettings: + - port: + number: 9000 + tls: + mode: DISABLE diff --git a/instance-applications/113-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml b/instance-applications/113-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml new file mode 100644 index 00000000..d1885688 --- /dev/null +++ b/instance-applications/113-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: km-instance + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "142" +spec: + podSelector: + matchLabels: + kmodels: instance + part-of: kmodels + policyTypes: + - Ingress + ingress: + - ports: + - port: 3000 + - port: 8443 + +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: ds-pipelines-km-instance + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "143" +spec: + podSelector: + matchLabels: + app: ds-pipeline-instance + component: data-science-pipelines + ingress: + - ports: + - protocol: TCP + port: 8888 + from: + - podSelector: + matchLabels: + app: km-controller + policyTypes: + - Ingress diff --git a/instance-applications/113-ibm-kmodels/templates/05-kmodel-store.yaml b/instance-applications/113-ibm-kmodels/templates/05-kmodel-store.yaml new file mode 100644 index 00000000..0df63086 --- /dev/null +++ b/instance-applications/113-ibm-kmodels/templates/05-kmodel-store.yaml @@ -0,0 +1,125 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: km-store + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "144" + labels: + app: km-store +data: + STORE_BUCKET: "{{ .Values.mas_aibroker_storage_templates_bucket }}" + # Certificate files folder (default: /etc/ssl/certs) + CERTS_PATH: "/etc/ssl/certs" + # Private key (default: tls.key) + CERT_PRIVATE_KEY: "tls.key" + # Public certificate (default: tls.crt) + CERT_PUBLIC_CERTIFICATE: "tls.crt" + # Set to true to enable https server (default: true) + SUPPORT_HTTPS: "true" + +--- +apiVersion: v1 +kind: Service +metadata: + name: km-store + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "145" +spec: + ports: + - name: http + port: 3000 + targetPort: http + - name: https + port: 8443 + targetPort: https + selector: + app: km-store + type: ClusterIP + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: km-store + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "146" + labels: + app: km-store + component: store + kmodels: instance + part-of: kmodels +spec: + replicas: 1 + selector: + matchLabels: + app: km-store + kmodels: instance + part-of: kmodels + template: + metadata: + labels: + app: km-store + component: store + kmodels: instance + part-of: kmodels + spec: + restartPolicy: Always + volumes: + - name: ssh-key + secret: + secretName: "{{ .Values.ssh_secret_name }}" + imagePullSecrets: + - name: "{{ .Values.pullSecretName }}" + containers: + - name: store + image: "{{ .Values.image_store }}" + imagePullPolicy: Always + securityContext: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + privileged: false + runAsNonRoot: true + capabilities: + drop: + - ALL + ports: + - name: http + containerPort: 3000 + - name: https + containerPort: 8443 + envFrom: + - configMapRef: + name: km-store + - secretRef: + name: km-s3-secret + resources: + requests: + memory: "64Mi" + cpu: "50m" + ephemeral-storage: "1Gi" + limits: + memory: "256Mi" + cpu: "100m" + ephemeral-storage: "2Gi" + livenessProbe: + httpGet: + path: /version + port: 8443 + scheme: HTTPS + initialDelaySeconds: 15 + periodSeconds: 500 + readinessProbe: + httpGet: + path: /version + port: 8443 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 500 + volumeMounts: + - mountPath: "/etc/ssl/certs" + name: ssh-key + readOnly: true diff --git a/instance-applications/113-ibm-kmodels/templates/06-kmodel-watcher.yaml b/instance-applications/113-ibm-kmodels/templates/06-kmodel-watcher.yaml new file mode 100644 index 00000000..dec6716e --- /dev/null +++ b/instance-applications/113-ibm-kmodels/templates/06-kmodel-watcher.yaml @@ -0,0 +1,142 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "147" +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: km-watcher-role + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "148" +rules: + - verbs: + - list + - watch + apiGroups: + - '' + resources: + - events + - pods +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: km-watcher-binding + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "149" +subjects: + - kind: ServiceAccount + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: km-watcher-role + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "150" + labels: + app: km-watcher +data: + PIPELINES: "{{ .Values.aibroker_namespace }}" + TENANTS_BUCKET: "{{ .Values.mas_aibroker_storage_tenants_bucket }}" + EXCLUDE_TENANTS: "{{ .Values.mas_aibroker_provision_tenant }}" + +--- +apiVersion: v1 +kind: Service +metadata: + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "151" +spec: + ports: + - name: http + port: 3000 + targetPort: http + selector: + app: km-watcher + type: ClusterIP + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "152" + labels: + app: km-watcher + component: watcher +spec: + replicas: 1 + selector: + matchLabels: + app: km-watcher + template: + metadata: + labels: + app: km-watcher + component: watcher + spec: + serviceAccountName: km-watcher + imagePullSecrets: + - name: "{{ .Values.pullSecretName }}" + containers: + - name: watcher + image: "{{ .Values.image_watcher}}" + imagePullPolicy: Always + securityContext: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + privileged: false + runAsNonRoot: true + capabilities: + drop: + - ALL + ports: + - name: http + containerPort: 3000 + resources: + requests: + memory: "64Mi" + cpu: "50m" + ephemeral-storage: "1Gi" + limits: + memory: "256Mi" + cpu: "100m" + ephemeral-storage: "2Gi" + livenessProbe: + httpGet: + path: /version + port: 3000 + scheme: HTTP + initialDelaySeconds: 15 + periodSeconds: 500 + readinessProbe: + httpGet: + path: /version + port: 3000 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 500 + envFrom: + - configMapRef: + name: km-watcher + - secretRef: + name: km-s3-secret diff --git a/instance-applications/113-ibm-kmodels/templates/07-kmodel-controller.yaml b/instance-applications/113-ibm-kmodels/templates/07-kmodel-controller.yaml new file mode 100644 index 00000000..7839ab53 --- /dev/null +++ b/instance-applications/113-ibm-kmodels/templates/07-kmodel-controller.yaml @@ -0,0 +1,169 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: km-controller + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "153" + labels: + app: km-controller +data: + DOCKER_SERVER: "{{ .Values.docker_server }}" + PIPELINES_BUCKET: "{{ .Values.mas_aibroker_storage_pipelines_bucket }}" + TENANTS_BUCKET: "{{ .Values.mas_aibroker_storage_tenants_bucket }}" + DOCKER_SECRETS_NAME: "ibm-entitlement" + CONNECTOR_IMAGE_PREFIX: '' + PIPELINE_STEP_IMAGE_PREFIX: '' + PIPELINE_DEFAULT_STEP_TAG: "{{ .Values.mas_aibroker_pipeline_steps_tag }}" + CONNECTOR_DEFAULT_TAG: "{{ .Values.mas_aibroker_connector_tag }}" + {{- if .Values.mas_aibroker_saas }} + DEFAULT_TENANTS: "{{ .Values.mas_aibroker_provision_tenant }}" + {{- else }} + DEFAULT_TENANTS: "{{ .Values.tenantNamespace }}" + {{- end }} + PLATFORM: openshift + + +--- +apiVersion: v1 +kind: Service +metadata: + name: km-controller + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "154" +spec: + ports: + - name: http + port: 3000 + targetPort: http + - name: https + port: 8443 + targetPort: https + selector: + app: km-controller + type: ClusterIP + + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: km-controller-pvc + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "155" +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 1Gi + storageClassName: "{{ .Values.primary_storage_class }}" + + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: km-controller + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "156" + + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: km-controller + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "157" + labels: + app: km-controller + component: controller +spec: + replicas: 1 + revisionHistoryLimit: 1 + selector: + matchLabels: + app: km-controller + template: + metadata: + labels: + app: km-controller + component: controller + spec: + serviceAccountName: km-controller + volumes: + - name: storage + persistentVolumeClaim: + claimName: km-controller-pvc + - name: ssh-key + secret: + secretName: "{{ .Values.ssh_secret_name }}" + imagePullSecrets: + - name: "{{ .Values.pullSecretName }}" + containers: + - name: controller + image: "{{ .Values.image_controller}}" + imagePullPolicy: Always + securityContext: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + privileged: false + runAsNonRoot: true + capabilities: + drop: + - ALL + ports: + - name: http + containerPort: 3000 + - name: https + containerPort: 8443 + resources: + requests: + memory: "128Mi" + cpu: "100m" + ephemeral-storage: "1Gi" + limits: + memory: "256Mi" + cpu: "200m" + ephemeral-storage: "2Gi" + livenessProbe: + httpGet: + path: /api/v1/version + port: 8443 + scheme: HTTPS + initialDelaySeconds: 15 + periodSeconds: 500 + readinessProbe: + httpGet: + path: /api/v1/version + port: 8443 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 500 + env: + - name: KMODELS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: KMODELS_ID + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: km-controller + - secretRef: + name: km-s3-secret + volumeMounts: + - name: storage + mountPath: "/storage" + - name: ssh-key + mountPath: "/etc/ssl/certs" + readOnly: true diff --git a/instance-applications/113-ibm-kmodels/values.yaml b/instance-applications/113-ibm-kmodels/values.yaml new file mode 100644 index 00000000..3d5c279c --- /dev/null +++ b/instance-applications/113-ibm-kmodels/values.yaml @@ -0,0 +1,41 @@ +--- +run_sync_hooks: true + +aibroker_namespace: "mas-MAS_INSTANCE_ID-aibroker" + +mas_aibroker_storage_provider: "aws" +mas_aibroker_storage_ssl: "true" + +# following are the variable need to injected via environment variable +mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" +mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" +mas_aibroker_storage_host: "mas_aibroker_storage_host" +mas_aibroker_storage_port: "mas_aibroker_storage_port" +mas_aibroker_storage_region: "mas_aibroker_storage_region" + +ssh_secret_name: "MAS_INSTANCE_ID-internal-aibroker-tls" + +# vars file for kmodels +pullSecretName: "ibm-entitlement" + +docker_server: "MAS_ICR_CP/aibroker" + +tenantNamespace: "aibroker-MAS_AIBROKER_TENANT_NAME" +mas_aibroker_provision_tenant: "MAS_AIBROKER_PROVISION_TENANT" +primary_storage_class: "PRIMARY_STORAGE_CLASS" + +# Bucket names +mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" +mas_aibroker_storage_tenants_bucket: "MAS_AIBROKER_STORAGE_TENANTS_BUCKET" +mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" + +#container images +image_store: "MAS_ICR_CP/aibroker/store:1.0.2" +image_watcher: "MAS_ICR_CP/aibroker/watcher:1.0.2-pre.dev10x" +image_controller: "MAS_ICR_CP/aibroker/controller:1.0.2-pre.dev10x" + +mas_aibroker_pipeline_steps_tag: 1.0.0 +mas_aibroker_connector_tag: 1.0.0 + +#saas +mas_aibroker_saas: "MAS_AIBROKER_SAAS" diff --git a/root-applications/ibm-aibroker-instance-root/templates/040-ibm-kmodels-app.yaml b/root-applications/ibm-aibroker-instance-root/templates/040-ibm-kmodels-app.yaml new file mode 100644 index 00000000..a7e7c2fc --- /dev/null +++ b/root-applications/ibm-aibroker-instance-root/templates/040-ibm-kmodels-app.yaml @@ -0,0 +1,89 @@ +{{- if not (empty .Values.ibm_kmodel) }} +--- +# IBM Maximo Kmodels +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kmodel.{{ .Values.cluster.id }}.{{ .Values.instance.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' + region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id }}' + annotations: + argocd.argoproj.io/sync-wave: "040" + healthCheckTimeout: "1800" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: "{{ .Values.argo.projects.apps }}" + destination: + server: {{ .Values.cluster.url }} + namespace: "{{ .Values.ibm_kmodel.openshift_namespace }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + path: instance-applications/113-ibm-kmodel + targetRevision: "{{ .Values.source.revision }}" + plugin: + name: {{ .Values.avp.name }} + env: + - name: {{ .Values.avp.values_varname }} + value: | + openshift_namespace: "{{ .Values.ibm_kmodel.openshift_namespace }}" + run_sync_hooks: "{{ .Values.ibm_kmodel.run_sync_hooks }}" + aibroker_namespace: "{{ .Values.ibm_kmodel.aibroker_namespace }}" + mas_aibroker_storage_provider: "{{ .Values.ibm_kmodel.mas_aibroker_storage_provider }}" + mas_aibroker_storage_ssl: "{{ .Values.ibm_kmodel.mas_aibroker_storage_ssl }}" + mas_aibroker_storage_accesskey: "{{ .Values.ibm_kmodel.mas_aibroker_storage_accesskey }}" + mas_aibroker_storage_secretkey: "{{ .Values.ibm_kmodel.mas_aibroker_storage_secretkey }}" + mas_aibroker_storage_host: "{{ .Values.ibm_kmodel.mas_aibroker_storage_host }}" + mas_aibroker_storage_port: "{{ .Values.ibm_kmodel.mas_aibroker_storage_port }}" + mas_aibroker_storage_region: "{{ .Values.ibm_kmodel.mas_aibroker_storage_region }}" + ssh_secret_name: "{{ .Values.ibm_kmodel.ssh_secret_name }}" + pullSecretName: "{{ .Values.ibm_kmodel.pullSecretName }}" + docker_server: "{{ .Values.ibm_kmodel.docker_server }}" + tenantNamespace: "{{ .Values.ibm_kmodel.tenantNamespace }}" + mas_aibroker_provision_tenant: "{{ .Values.ibm_kmodel.mas_aibroker_provision_tenant }}" + primary_storage_class: "{{ .Values.ibm_kmodel.primary_storage_class }}" + mas_aibroker_storage_templates_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_templates_bucket }}" + mas_aibroker_storage_tenants_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_tenants_bucket }}" + mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_pipelines_bucket }}" + image_store: "{{ .Values.ibm_kmodel.image_store }}" + image_watcher: "{{ .Values.ibm_kmodel.image_watcher }}" + image_controller: "{{ .Values.ibm_kmodel.image_controller }}" + mas_aibroker_pipeline_steps_tag: "{{ .Values.ibm_kmodel.mas_aibroker_pipeline_steps_tag }}" + mas_aibroker_connector_tag: "{{ .Values.ibm_kmodel.mas_aibroker_connector_tag }}" + + junitreporter: + reporter_name: "ibm-kmodel-{{ .Values.instance.id }}" + cluster_id: "{{ .Values.cluster.id }}" + devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" + devops_build_number: "{{ .Values.devops.build_number }}" + gitops_version: "{{ .Values.source.revision }}" + - name: ARGOCD_APP_NAME + value: kmodelapp + {{- if not (empty .Values.avp.secret) }} + - name: AVP_SECRET + value: {{ .Values.avp.secret }} + {{- end }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + retry: + limit: 20 + syncOptions: + - CreateNamespace=true + managedNamespaceMetadata: + labels: +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} +{{- end }} diff --git a/root-applications/ibm-aibroker-instance-root/values.yaml b/root-applications/ibm-aibroker-instance-root/values.yaml index 56ba471f..a79ff49a 100644 --- a/root-applications/ibm-aibroker-instance-root/values.yaml +++ b/root-applications/ibm-aibroker-instance-root/values.yaml @@ -55,4 +55,35 @@ ibm_minio: minio_root_password: "" minio_storage_class: "default" minio_storage_size: "40Gi" - minio_image: "quay.io/minio/minio:latest" \ No newline at end of file + minio_image: "quay.io/minio/minio:latest" + +ibm_kmodel: + openshift_namespace: "openshift-operators" + run_sync_hooks: true + aibroker_namespace: "mas-MAS_INSTANCE_ID-aibroker" + mas_aibroker_storage_provider: "aws" + mas_aibroker_storage_ssl: "true" + # following are the variable need to injected via environment variable + mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" + mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" + mas_aibroker_storage_host: "mas_aibroker_storage_host" + mas_aibroker_storage_port: "mas_aibroker_storage_port" + mas_aibroker_storage_region: "mas_aibroker_storage_region" + ssh_secret_name: "MAS_INSTANCE_ID-internal-aibroker-tls" + # vars file for kmodels + pullSecretName: "ibm-entitlement" + docker_server: "MAS_ICR_CP/aibroker" + tenantNamespace: "aibroker-MAS_AIBROKER_TENANT_NAME" + mas_aibroker_provision_tenant: "MAS_AIBROKER_PROVISION_TENANT" + primary_storage_class: "PRIMARY_STORAGE_CLASS" + # Bucket names + mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" + mas_aibroker_storage_tenants_bucket: "MAS_AIBROKER_STORAGE_TENANTS_BUCKET" + mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" + #container images + image_store: "MAS_ICR_CP/aibroker/store:1.0.2" + image_watcher: "MAS_ICR_CP/aibroker/watcher:1.0.2-pre.dev10x" + image_controller: "MAS_ICR_CP/aibroker/controller:1.0.2-pre.dev10x" + mas_aibroker_pipeline_steps_tag: 1.0.0 + mas_aibroker_connector_tag: 1.0.0 + \ No newline at end of file diff --git a/root-applications/ibm-mas-cluster-root/templates/099-instance-appset.yaml b/root-applications/ibm-mas-cluster-root/templates/099-instance-appset.yaml index 99efe4fd..18fb572c 100644 --- a/root-applications/ibm-mas-cluster-root/templates/099-instance-appset.yaml +++ b/root-applications/ibm-mas-cluster-root/templates/099-instance-appset.yaml @@ -8,7 +8,7 @@ metadata: namespace: {{ .Values.argo.namespace }} labels: environment: '{{ .Values.account.id }}' - region: '{{ .Values.region.id }}' +# region: '{{ .Values.region.id }}' cluster: '{{ .Values.cluster.id }}' annotations: argocd.argoproj.io/sync-wave: "099" @@ -28,117 +28,17 @@ spec: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-instance-base.yaml" + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aibroker-instance-base.yaml" - git: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-db2u.yaml" + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-minio-install.yaml" - git: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-suite.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-sls.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-workspaces.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-suite-configs.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-db2u-databases.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-manage-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-iot-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-assist-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-facilities-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-visualinspection-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-optimizer-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-monitor-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-predict-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-health-install.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-masapp-configs.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-cp4d.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-cp4d-services-base.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-wsl.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-wml.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-spark.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-spss.yaml" + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-kmodel-install.yaml" syncPolicy: applicationsSync: "{{- if .Values.auto_delete }}sync{{- else }}create-update{{- end }}" template: @@ -146,7 +46,7 @@ spec: name: "instance.{{ .Values.cluster.id }}.{{ `{{.instance.id}}` }}" labels: environment: '{{ .Values.account.id }}' - region: '{{ .Values.region.id }}' + # region: '{{ .Values.region.id }}' cluster: '{{ .Values.cluster.id }}' instance: '{{ `{{.instance.id}}` }}' {{- if .Values.custom_labels }} @@ -164,7 +64,7 @@ spec: source: repoURL: "{{ .Values.source.repo_url }}" targetRevision: "{{ .Values.source.revision }}" - path: root-applications/ibm-mas-instance-root + path: root-applications/ibm-aibroker-instance-root helm: releaseName: instanceappset values: "{{ `{{ toYaml . }}` }}" @@ -182,9 +82,7 @@ spec: {{- if and .Values.notifications .Values.notifications.slack_channel_id }} - name: "notifications.slack_channel_id" value: "{{ .Values.notifications.slack_channel_id }}" - {{- end }} - - name: "mas_catalog_version" - value: "{{ .Values.ibm_operator_catalog.mas_catalog_version }}" + {{- end }} - name: argo.projects.rootapps value: "{{ .Values.argo.projects.rootapps }}" - name: argo.projects.apps diff --git a/root-applications/ibm-mas-cluster-root/templates/100-aibroker-instance-appset.yaml b/root-applications/ibm-mas-cluster-root/templates/100-aibroker-instance-appset.yaml deleted file mode 100644 index a1a1143d..00000000 --- a/root-applications/ibm-mas-cluster-root/templates/100-aibroker-instance-appset.yaml +++ /dev/null @@ -1,135 +0,0 @@ - ---- -# IBM Maximo Application Suite Instance Application Set -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: instance-appset.{{ .Values.cluster.id }} - namespace: {{ .Values.argo.namespace }} - labels: - environment: '{{ .Values.account.id }}' - region: '{{ .Values.region.id }}' - cluster: '{{ .Values.cluster.id }}' - annotations: - argocd.argoproj.io/sync-wave: "100" -spec: - goTemplate: true - generators: - - merge: - mergeKeys: - # Would love to use ".path.path" here to merge the configs together - # but this is not possible currently with goTemplate: true - see https://github.com/argoproj/argo-cd/issues/12836 - # (and we really want goTemplate: true so we can dump the entire config file into HELM_VALUES using toPrettyJson) - # instead, we are forced to explicitly provide a merge key in all of our config files to make them line up - - 'merge-key' - generators: - # This is the "base" generator, it *must* be first in the list - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aibroker-instance-base.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aibroker-minio-install.yaml" - syncPolicy: - applicationsSync: "{{- if .Values.auto_delete }}sync{{- else }}create-update{{- end }}" - template: - metadata: - name: "instance.{{ .Values.cluster.id }}.{{ `{{.instance.id}}` }}" - labels: - environment: '{{ .Values.account.id }}' - region: '{{ .Values.region.id }}' - cluster: '{{ .Values.cluster.id }}' - instance: '{{ `{{.instance.id}}` }}' -{{- if .Values.custom_labels }} -{{ .Values.custom_labels | toYaml | indent 8 }} -{{- end }} - annotations: - healthCheckTimeout: "1800" - argocd.argoproj.io/sync-wave: "099" - {{- if and .Values.notifications .Values.notifications.slack_channel_id }} - notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} - notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} - {{- end }} - spec: - project: "{{ .Values.argo.projects.rootapps }}" - source: - repoURL: "{{ .Values.source.repo_url }}" - targetRevision: "{{ .Values.source.revision }}" - path: root-applications/ibm-aibroker-instance-root - helm: - releaseName: instanceappset - values: "{{ `{{ toYaml . }}` }}" - parameters: - - name: "generator.repo_url" - value: "{{ .Values.generator.repo_url }}" - - name: "generator.revision" - value: "{{ .Values.generator.revision }}" - - name: "source.revision" - value: "{{ .Values.source.revision }}" - - name: "source.repo_url" - value: "{{ .Values.source.repo_url }}" - - name: argo.namespace - value: "{{ .Values.argo.namespace }}" - {{- if and .Values.notifications .Values.notifications.slack_channel_id }} - - name: "notifications.slack_channel_id" - value: "{{ .Values.notifications.slack_channel_id }}" - {{- end }} - - name: "minio_namespace" - value: "{{ .Values.ibm_minio.minio_namespace }}" - - name: "minio_instance_name" - value: "{{ .Values.ibm_minio.minio_instance_name }}" - - name: "minio_root_user" - value: "{{ .Values.ibm_minio.minio_root_user }}" - - name: "minio_root_password" - value: "{{ .Values.ibm_minio.minio_root_password }}" - - name: "minio_storage_class" - value: "{{ .Values.ibm_minio.minio_storage_class }}" - - name: "minio_storage_size" - value: "{{ .Values.ibm_minio.minio_storage_size }}" - - name: "minio_image" - value: "{{ .Values.ibm_minio.minio_image }}" - - name: argo.projects.rootapps - value: "{{ .Values.argo.projects.rootapps }}" - - name: argo.projects.apps - value: "{{ .Values.argo.projects.apps }}" - - name: avp.name - value: "{{ .Values.avp.name }}" - - name: avp.secret - value: "{{ .Values.avp.secret }}" - - name: avp.values_varname - value: "{{ .Values.avp.values_varname }}" - - name: auto_delete - value: "{{ .Values.auto_delete }}" - - name: devops.mongo_uri - value: "{{ .Values.devops.mongo_uri }}" - - name: devops.build_number - value: "{{ .Values.devops.build_number }}" - destination: - server: 'https://kubernetes.default.svc' - namespace: {{ .Values.argo.namespace }} - syncPolicy: - automated: - {{- if .Values.auto_delete }} - prune: true - {{- end }} - selfHeal: true - syncOptions: - - CreateNamespace=false - - RespectIgnoreDifferences=true - retry: - limit: -1 - ignoreDifferences: - - group: '*' - kind: ServiceAccount - jsonPointers: - - /imagePullSecrets - - group: 'marketplace.redhat.com/v1alpha1' - kind: MarketplaceConfig - jsonPointers: - - /spec - # revisionHistoryLimit set to 1 due to size limit of what can be stored in etcd for anything larger - revisionHistoryLimit: 1 \ No newline at end of file